USN-1553-1: OpenJDK 6 vulnerabilities

Ubuntu Security Notice USN-1553-1

openjdk-6 vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

Ubuntu 12.04 LTS

Ubuntu 11.10

Ubuntu 11.04

Ubuntu 10.04 LTS

Summary

Two security issues were fixed in OpenJDK 6.

Software description

openjdk-6
- Open Source Java implementation

Details

It was discovered that the Beans component in OpenJDK 6 did notproperly prevent access to restricted classes. A remote attacker coulduse this to create an untrusted Java applet or application that wouldbypass Java sandbox restrictions. (CVE-2012-1682)

It was discovered that functionality in the AWT component in OpenJDK 6made it easier for a remote attacker, in conjunction with othervulnerabilities, to bypass Java sandbox restrictions. (CVE-2012-0547)

Update instructions

The problem can be corrected by updating your system to the following
package version: